diff --git a/.github/workflows/docker-build-images.md b/.github/workflows/docker-build-images.md index 7b4144bb..f7e72c1a 100644 --- a/.github/workflows/docker-build-images.md +++ b/.github/workflows/docker-build-images.md @@ -50,7 +50,7 @@ on: permissions: {} jobs: docker-build-images: - uses: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml@a0bab9151cc074af9f6c8204ab42a48d2d570379 # 0.30.6 + uses: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml@c84014f56f57f8abe320ffa48adccbb997681550 # feat/docker-upgrade-buildkit-buildx permissions: {} secrets: # Password or GitHub token (`packages:read` and `packages:write` scopes) configuration used to log against OCI registries. @@ -184,49 +184,45 @@ jobs: ### Workflow Call Inputs -| **Input** | **Description** | **Required** | **Type** | **Default** | -| --------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------- | -------------------------------- | -| **`runs-on`** | Runner to use. JSON array of runners. | **false** | **string** | `["ubuntu-latest"]` | -| | See . | | | | -| **`oci-registry`** | OCI registry configuration used to pull, push and cache images. | **false** | **string** | `ghcr.io` | -| | Accepts either a registry hostname string (default format) or a JSON object. | | | | -| | JSON example: `{"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"}` | | | | -| | JSON object keys: | | | | -| | - `pull`: registry used to pull public or default base images | | | | -| | - `pull:`: additional pull registry | | | | -| | - `push`: registry used for published images | | | | -| | - `cache`: registry used when `cache-type` is `registry` | | | | -| | If no `pull` key is provided, the `push` registry is also used for pulls. | | | | -| **`oci-registry-username`** | Username configuration used to log against OCI registries. | **false** | **string** | `${{ github.repository_owner }}` | -| | Accepts either a single username string (default format) or a JSON object using the same keys as `oci-registry`. | | | | -| | JSON example: `{"pull:private":"$\{{ github.repository_owner }}","push":"$\{{ github.repository_owner }}"}` | | | | -| | See . | | | | -| **`images`** | Images to build parameters. | **true** | **string** | - | -| | JSON array of objects. | | | | -| | Example: | | | | -| | 
[
 {
 "name": "application",
 "context": ".",
 "dockerfile": "./docker/application/Dockerfile",
 "target": "prod",
 "build-args": {
 "APP_PATH": "./application/",
 "PROD_MODE": "true"
 },
 "secret-envs": {
 "GH_TOKEN": "GITHUB_TOKEN"
 },
 "platforms": [
 "linux/amd64",
 {
 "name": "darwin/amd64",
 "runs-on": "macos-latest"
 }
 ]
 }
]
| | | | -| **`lfs`** | Enable Git LFS. | **false** | **boolean** | `true` | -| | See . | | | | -| **`build-secret-github-app-token-env`** | Environment variable name(s) to pass GitHub token generated by GitHub App. | **false** | **string** | `GITHUB_APP_TOKEN` | -| | Can be a multiline string list. | | | | -| | This is useful to pass a generated token to the build, as it is not possible to share generated secrets between jobs. | | | | -| | Needs input `build-secret-github-app-id` and secret `build-secret-github-app-key`. | | | | -| **`build-secret-github-app-id`** | GitHub App ID to generate GitHub token to be passed as build secret env. | **false** | **string** | - | -| | See . | | | | -| **`build-secret-github-app-owner`** | The owner of the GitHub App installation. | **false** | **string** | `${{ github.repository_owner }}` | -| | See . | | | | -| **`cache-type`** | Cache type. | **false** | **string** | `gha` | -| | See . | | | | -| **`buildkitd-config-inline`** | Inline BuildKit daemon configuration. | **false** | **string** | - | -| | See . | | | | -| | Example for insecure registry: | | | | -| | ```ini - [registry."my-registry.local:5000"] - http = true - insecure = true - ``` | | | | -| **`sign`** | Sign built images. | **false** | **boolean** | `true` | -| | See [sign-images](../../actions/docker/sign-images/README.md). | | | | +| **Input** | **Description** | **Required** | **Type** | **Default** | +| --------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------ | ----------- | ---------------------------------- | +| **`runs-on`** | Runner to use. JSON array of runners. | **false** | **string** | `["ubuntu-latest"]` | +| | See . | | | | +| **`oci-registry`** | OCI registry configuration used to pull, push and cache images. | **false** | **string** | `ghcr.io` | +| | Accepts either a registry hostname string (default format) or a JSON object. | | | | +| | JSON example: `{"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"}` | | | | +| | JSON object keys: | | | | +| | - `pull`: registry used to pull public or default base images | | | | +| | - `pull:`: additional pull registry | | | | +| | - `push`: registry used for published images | | | | +| | - `cache`: registry used when `cache-type` is `registry` | | | | +| | If no `pull` key is provided, the `push` registry is also used for pulls. | | | | +| **`oci-registry-username`** | Username configuration used to log against OCI registries. | **false** | **string** | `$\{\{ github.repository_owner }}` | +| | Accepts either a single username string (default format) or a JSON object using the same keys as `oci-registry`. | | | | +| | JSON example: `{"pull:private":"$\{{ github.repository_owner }}","push":"$\{{ github.repository_owner }}"}` | | | | +| | See . | | | | +| **`images`** | Images to build parameters. | **true** | **string** | - | +| | JSON array of objects. | | | | +| | Example: | | | | +| | 
[
 {
 "name": "application",
 "context": ".",
 "dockerfile": "./docker/application/Dockerfile",
 "target": "prod",
 "build-args": {
 "APP_PATH": "./application/",
 "PROD_MODE": "true"
 },
 "secret-envs": {
 "GH_TOKEN": "GITHUB_TOKEN"
 },
 "platforms": [
 "linux/amd64",
 {
 "name": "darwin/amd64",
 "runs-on": "macos-latest"
 }
 ]
 }
]
| | | | +| **`lfs`** | Enable Git LFS. | **false** | **boolean** | `true` | +| | See . | | | | +| **`build-secret-github-app-token-env`** | Environment variable name(s) to pass GitHub token generated by GitHub App. | **false** | **string** | `GITHUB_APP_TOKEN` | +| | Can be a multiline string list. | | | | +| | This is useful to pass a generated token to the build, as it is not possible to share generated secrets between jobs. | | | | +| | Needs input `build-secret-github-app-id` and secret `build-secret-github-app-key`. | | | | +| **`build-secret-github-app-id`** | GitHub App ID to generate GitHub token to be passed as build secret env. | **false** | **string** | - | +| | See . | | | | +| **`build-secret-github-app-owner`** | The owner of the GitHub App installation. | **false** | **string** | `$\{\{ github.repository_owner }}` | +| | See . | | | | +| **`cache-type`** | Cache type. | **false** | **string** | `gha` | +| | See . | | | | +| **`buildkitd-config-inline`** | Inline BuildKit daemon configuration. | **false** | **string** | - | +| | See . | | | | +| | Example for insecure registry: | | | | +| | 
[registry."my-registry.local:5000"]
 http = true
 insecure = true
| | | | +| **`sign`** | Sign built images. | **false** | **boolean** | `true` | +| | See [sign-images](../../actions/docker/sign-images/README.md). | | | | @@ -247,7 +243,7 @@ jobs: -## Multiple registries +### Multiple registries The default single-registry format still works: diff --git a/.github/workflows/docker-build-images.yml b/.github/workflows/docker-build-images.yml index e3816aa2..8670019f 100644 --- a/.github/workflows/docker-build-images.yml +++ b/.github/workflows/docker-build-images.yml @@ -109,11 +109,11 @@ on: # yamllint disable-line rule:truthy Inline BuildKit daemon configuration. See https://github.com/docker/setup-buildx-action#inputs. Example for insecure registry: - ```ini - [registry."my-registry.local:5000"] - http = true - insecure = true - ``` + ```ini + [registry."my-registry.local:5000"] + http = true + insecure = true + ``` type: string required: false sign: diff --git a/Makefile b/Makefile index 7826ba1c..30d685d8 100644 --- a/Makefile +++ b/Makefile @@ -33,7 +33,7 @@ npm-audit-fix: ## Execute npm audit fix ci: ## Execute CI tasks $(MAKE) npm-audit-fix - $(MAKE) lint + $(MAKE) lint-fix test-build-application: ## Build the test application image @docker buildx build \ diff --git a/actions/docker/build-image/README.md b/actions/docker/build-image/README.md index 1c9bd665..350e2161 100644 --- a/actions/docker/build-image/README.md +++ b/actions/docker/build-image/README.md @@ -46,7 +46,7 @@ permissions: ## Usage ````yaml -- uses: hoverkraft-tech/ci-github-container/actions/docker/build-image@a0bab9151cc074af9f6c8204ab42a48d2d570379 # 0.30.6 +- uses: hoverkraft-tech/ci-github-container/actions/docker/build-image@c84014f56f57f8abe320ffa48adccbb997681550 # feat/docker-upgrade-buildkit-buildx with: # OCI registry configuration used to pull, push and cache images. # Accepts either a registry hostname string (default format) or a JSON object. @@ -159,61 +159,57 @@ permissions: ## Inputs -| **Input** | **Description** | **Required** | **Default** | -| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | -------------------------------- | -| **`oci-registry`** | OCI registry configuration used to pull, push and cache images. | **true** | `ghcr.io` | -| | Accepts either a registry hostname string (default format) or a JSON object. | | | -| | JSON example: `{"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"}` | | | -| | JSON object keys: | | | -| | - `pull`: registry used to pull public or default base images | | | -| | - `pull:`: additional pull registry | | | -| | - `push`: registry used for published images | | | -| | - `cache`: registry used when `cache-type` is `registry` | | | -| | If no `pull` key is provided, the `push` registry is also used for pulls. | | | -| **`oci-registry-username`** | Username configuration used to log against OCI registries. | **true** | `${{ github.repository_owner }}` | -| | Accepts either a single username string (default format) or a JSON object using the same keys as `oci-registry`. | | | -| | JSON example: | | | -| | `{"pull:private":"$\{{ github.repository_owner }}","push":"$\{{ github.repository_owner }}"}` | | | -| | See . | | | -| **`oci-registry-password`** | Password or personal access token configuration used to log against OCI registries. | **true** | `${{ github.token }}` | -| | Accepts either a single password/token string (default format) or a JSON object using the same keys as `oci-registry`. | | | -| | JSON example: `{"pull:private":"$\{{ github.token }}","push":"$\{{ github.token }}"}` | | | -| | Can be passed in using `secrets.GITHUB_TOKEN`. | | | -| | See . | | | -| **`repository`** | Repository name. | **false** | `${{ github.repository }}` | -| | Example: `my-org/my-repo`. | | | -| | See [Docker get-image-metadata action](../get-image-metadata/README.md). | | | -| **`image`** | Additional image name. | **false** | - | -| | Example: `application`. | | | -| | See [Docker get-image-metadata action](../get-image-metadata/README.md). | | | -| **`tag`** | Force image tag to publish | **false** | - | -| **`platform`** | Platform to build for. Example: `linux/amd64`. | **true** | - | -| | See . | | | -| **`context`** | Build's context is the set of files located in the specified PATH or URL. | **false** | `.` | -| | See . | | | -| **`dockerfile`** | Location of Dockerfile (defaults to Dockerfile). | **false** | `Dockerfile` | -| | See . | | | -| **`build-args`** | List of build-time variables. | **false** | - | -| | See . | | | -| **`target`** | Sets the target stage to build. | **false** | - | -| | See . | | | -| **`secrets`** | List of secrets to expose to the build. | **false** | - | -| | See . | | | -| **`secret-envs`** | List of secret environment variables to expose to the build (e.g., `key=envname, MY_SECRET=MY_ENV_VAR`). | **false** | - | -| | See . | | | -| **`cache-type`** | Cache type. | **false** | `gha` | -| | See . | | | -| **`buildkitd-config-inline`** | Inline BuildKit daemon configuration. | **false** | - | -| | See . | | | -| | Example for insecure registry: | | | -| | ```ini - [registry."my-registry.local:5000"] - http = true - insecure = true - ``` | | | -| **`multi-platform`** | Whether this build participates in a multi-platform image publication. | **false** | `false` | -| | When true, the image is pushed by digest only so manifests can be assembled later. | | | -| | When false, the image is pushed with its tags directly. | | | +| **Input** | **Description** | **Required** | **Default** | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ---------------------------------- | +| **`oci-registry`** | OCI registry configuration used to pull, push and cache images. | **true** | `ghcr.io` | +| | Accepts either a registry hostname string (default format) or a JSON object. | | | +| | JSON example: `{"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"}` | | | +| | JSON object keys: | | | +| | - `pull`: registry used to pull public or default base images | | | +| | - `pull:`: additional pull registry | | | +| | - `push`: registry used for published images | | | +| | - `cache`: registry used when `cache-type` is `registry` | | | +| | If no `pull` key is provided, the `push` registry is also used for pulls. | | | +| **`oci-registry-username`** | Username configuration used to log against OCI registries. | **true** | `$\{\{ github.repository_owner }}` | +| | Accepts either a single username string (default format) or a JSON object using the same keys as `oci-registry`. | | | +| | JSON example: | | | +| | `{"pull:private":"$\{{ github.repository_owner }}","push":"$\{{ github.repository_owner }}"}` | | | +| | See . | | | +| **`oci-registry-password`** | Password or personal access token configuration used to log against OCI registries. | **true** | `$\{\{ github.token }}` | +| | Accepts either a single password/token string (default format) or a JSON object using the same keys as `oci-registry`. | | | +| | JSON example: `{"pull:private":"$\{{ github.token }}","push":"$\{{ github.token }}"}` | | | +| | Can be passed in using `secrets.GITHUB_TOKEN`. | | | +| | See . | | | +| **`repository`** | Repository name. | **false** | `$\{\{ github.repository }}` | +| | Example: `my-org/my-repo`. | | | +| | See [Docker get-image-metadata action](../get-image-metadata/README.md). | | | +| **`image`** | Additional image name. | **false** | - | +| | Example: `application`. | | | +| | See [Docker get-image-metadata action](../get-image-metadata/README.md). | | | +| **`tag`** | Force image tag to publish | **false** | - | +| **`platform`** | Platform to build for. Example: `linux/amd64`. | **true** | - | +| | See . | | | +| **`context`** | Build's context is the set of files located in the specified PATH or URL. | **false** | `.` | +| | See . | | | +| **`dockerfile`** | Location of Dockerfile (defaults to Dockerfile). | **false** | `Dockerfile` | +| | See . | | | +| **`build-args`** | List of build-time variables. | **false** | - | +| | See . | | | +| **`target`** | Sets the target stage to build. | **false** | - | +| | See . | | | +| **`secrets`** | List of secrets to expose to the build. | **false** | - | +| | See . | | | +| **`secret-envs`** | List of secret environment variables to expose to the build (e.g., `key=envname, MY_SECRET=MY_ENV_VAR`). | **false** | - | +| | See . | | | +| **`cache-type`** | Cache type. | **false** | `gha` | +| | See . | | | +| **`buildkitd-config-inline`** | Inline BuildKit daemon configuration. | **false** | - | +| | See . | | | +| | Example for insecure registry: | | | +| | 
[registry."my-registry.local:5000"]
 http = true
 insecure = true
| | | +| **`multi-platform`** | Whether this build participates in a multi-platform image publication. | **false** | `false` | +| | When true, the image is pushed by digest only so manifests can be assembled later. | | | +| | When false, the image is pushed with its tags directly. | | | @@ -236,32 +232,6 @@ permissions: -## Multiple registries - -The default single-registry format still works: - -```yaml -oci-registry: ghcr.io -oci-registry-username: ${{ github.repository_owner }} -oci-registry-password: ${{ github.token }} -``` - -To configure distinct pull, push and cache registries, pass JSON objects: - -```yaml -oci-registry: | - {"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"} -oci-registry-username: | - {"pull:private":"${{ github.repository_owner }}","push":"${{ github.repository_owner }}"} -oci-registry-password: | - {"pull:private":"${{ github.token }}","push":"${{ github.token }}"} -``` - -Registry credentials are resolved by role using the same keys as `oci-registry`. -`pull` is the default pull registry, while `pull:` can be repeated for additional pull registries. -When no pull registry is provided, the push registry is also used for pulls. -Optional pull registries without credentials are skipped, which is useful for public registries such as Docker Hub. - diff --git a/actions/docker/build-image/action.yml b/actions/docker/build-image/action.yml index 8995a781..7124da14 100644 --- a/actions/docker/build-image/action.yml +++ b/actions/docker/build-image/action.yml @@ -106,11 +106,11 @@ inputs: Inline BuildKit daemon configuration. See https://github.com/docker/setup-buildx-action#inputs. Example for insecure registry: - ```ini - [registry."my-registry.local:5000"] - http = true - insecure = true - ``` + ```ini + [registry."my-registry.local:5000"] + http = true + insecure = true + ``` required: false multi-platform: description: | diff --git a/actions/docker/setup/README.md b/actions/docker/setup/README.md index 47be7e6c..9d9ccdf3 100644 --- a/actions/docker/setup/README.md +++ b/actions/docker/setup/README.md @@ -30,7 +30,7 @@ Shared action to configure Docker tooling and OCI registry authentication. ## Usage ````yaml -- uses: hoverkraft-tech/ci-github-container/actions/docker/setup@a0bab9151cc074af9f6c8204ab42a48d2d570379 # 0.30.6 +- uses: hoverkraft-tech/ci-github-container/actions/docker/setup@c84014f56f57f8abe320ffa48adccbb997681550 # feat/docker-upgrade-buildkit-buildx with: # OCI registry configuration used to pull, push and cache images. # Accepts either a registry hostname string (default format) or a JSON object. @@ -73,30 +73,54 @@ Shared action to configure Docker tooling and OCI registry authentication. ## Inputs -| **Input** | **Description** | **Required** | **Default** | -| ----------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------ | ----------- | -| **`oci-registry`** | OCI registry configuration used to pull, push and cache images. | **true** | `ghcr.io` | -| | Accepts either a registry hostname string (default format) or a JSON object. | | | -| | JSON example: `{"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"}` | | | -| **`oci-registry-username`** | Username configuration used to log against OCI registries. | **false** | - | -| | Accepts either a single username string (default format) or a JSON object using the same keys as `oci-registry`. | | | -| **`oci-registry-password`** | Password or personal access token configuration used to log against OCI registries. | **false** | - | -| | Accepts either a single password/token string (default format) or a JSON object using the same keys as `oci-registry`. | | | -| **`buildkitd-config-inline`** | Inline BuildKit daemon configuration. | **false** | - | -| | See . | | | -| | Example for insecure registry: | | | -| | ```ini - [registry."my-registry.local:5000"] - http = true - insecure = true - ``` | | | -| **`built-images`** | Optional built images payload used to resolve manifest publication registries. | **false** | - | -| | When provided, registry authentication targets are inferred from the built image data. | | | -| **`setup-buildx`** | Whether to install and configure Docker Buildx. | **false** | `true` | +| **Input** | **Description** | **Required** | **Default** | +| ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------ | ------------ | ----------- | +| **`oci-registry`** | OCI registry configuration used to pull, push and cache images. | **true** | `ghcr.io` | +| | Accepts either a registry hostname string (default format) or a JSON object. | | | +| | JSON example: `{"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"}` | | | +| **`oci-registry-username`** | Username configuration used to log against OCI registries. | **false** | - | +| | Accepts either a single username string (default format) or a JSON object using the same keys as `oci-registry`. | | | +| **`oci-registry-password`** | Password or personal access token configuration used to log against OCI registries. | **false** | - | +| | Accepts either a single password/token string (default format) or a JSON object using the same keys as `oci-registry`. | | | +| **`buildkitd-config-inline`** | Inline BuildKit daemon configuration. | **false** | - | +| | See . | | | +| | Example for insecure registry: | | | +| | 
[registry."my-registry.local:5000"]
 http = true
 insecure = true
| | | +| **`built-images`** | Optional built images payload used to resolve manifest publication registries. | **false** | - | +| | When provided, registry authentication targets are inferred from the built image data. | | | +| **`setup-buildx`** | Whether to install and configure Docker Buildx. | **false** | `true` | + +### Multiple registries + +The default single-registry format still works: + +```yaml +oci-registry: ghcr.io +oci-registry-username: ${{ github.repository_owner }} +oci-registry-password: ${{ github.token }} +``` + +To configure distinct pull, push and cache registries, pass JSON objects: + +```yaml +oci-registry: | + {"pull":"docker.io","pull:private":"ghcr.io","push":"ghcr.io"} +oci-registry-username: | + {"pull:private":"${{ github.repository_owner }}","push":"${{ github.repository_owner }}"} +oci-registry-password: | + {"pull:private":"${{ github.token }}","push":"${{ github.token }}"} +``` + +Registry credentials are resolved by role using the same keys as `oci-registry`. +`pull` is the default pull registry, while `pull:` can be repeated for additional pull registries. +When no pull registry is provided, the push registry is also used for pulls. +Optional pull registries without credentials are skipped, which is useful for public registries such as Docker Hub. + + ## Outputs diff --git a/actions/docker/setup/action.yml b/actions/docker/setup/action.yml index f53901a2..37062d8c 100644 --- a/actions/docker/setup/action.yml +++ b/actions/docker/setup/action.yml @@ -30,11 +30,11 @@ inputs: Inline BuildKit daemon configuration. See https://github.com/docker/setup-buildx-action#inputs. Example for insecure registry: - ```ini - [registry."my-registry.local:5000"] - http = true - insecure = true - ``` + ```ini + [registry."my-registry.local:5000"] + http = true + insecure = true + ``` built-images: description: | Optional built images payload used to resolve manifest publication registries. @@ -393,10 +393,10 @@ runs: id: setup-buildx with: # FIXME: upgrade version when available (https://github.com/docker/buildx/releases) - version: v0.31.1 + version: v0.32.1 # FIXME: upgrade version when available (https://hub.docker.com/r/moby/buildkit) driver-opts: | - image=moby/buildkit:v0.27.0 + image=moby/buildkit:v0.28.0 buildkitd-config-inline: ${{ inputs.buildkitd-config-inline }} - if: steps.resolve-oci-registries.outputs.has-registry-auth == 'true' diff --git a/actions/helm/generate-docs/package-lock.json b/actions/helm/generate-docs/package-lock.json index 4df9a998..d5a2adf6 100644 --- a/actions/helm/generate-docs/package-lock.json +++ b/actions/helm/generate-docs/package-lock.json @@ -1026,6 +1026,7 @@ "resolved": "https://registry.npmjs.org/express/-/express-5.2.1.tgz", "integrity": "sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==", "license": "MIT", + "peer": true, "dependencies": { "accepts": "^2.0.0", "body-parser": "^2.2.1", @@ -1461,6 +1462,7 @@ "resolved": "https://registry.npmjs.org/hono/-/hono-4.12.7.tgz", "integrity": "sha512-jq9l1DM0zVIvsm3lv9Nw9nlJnMNPOcAtsbsgiUhWcFzPE99Gvo6yRTlszSLLYacMeQ6quHD6hMfId8crVHvexw==", "license": "MIT", + "peer": true, "engines": { "node": ">=16.9.0" } @@ -1779,6 +1781,7 @@ "resolved": "https://registry.npmjs.org/keyv/-/keyv-5.5.4.tgz", "integrity": "sha512-eohl3hKTiVyD1ilYdw9T0OiB4hnjef89e3dMYKz+mVKDzj+5IteTseASUsOB+EU9Tf6VNTCjDePcP6wkDGmLKQ==", "license": "MIT", + "peer": true, "dependencies": { "@keyv/serialize": "^1.1.1" } @@ -1891,6 +1894,7 @@ "resolved": "https://registry.npmjs.org/markdownlint-cli2/-/markdownlint-cli2-0.21.0.tgz", "integrity": "sha512-DzzmbqfMW3EzHsunP66x556oZDzjcdjjlL2bHG4PubwnL58ZPAfz07px4GqteZkoCGnBYi779Y2mg7+vgNCwbw==", "license": "MIT", + "peer": true, "dependencies": { "globby": "16.1.0", "js-yaml": "4.1.1", @@ -4168,6 +4172,7 @@ "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz", "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==", "license": "MIT", + "peer": true, "funding": { "url": "https://github.com/sponsors/colinhacks" }